Concepts in IP Addressing
IP is a Layer 3 media-independent connection-
less protocol. Every device that is connected to
the network must have a unique IP address. An
IP address has two major parts: the network and
the host portions.
Domain Name System (DNS) is used to map
friendly names to the actual IP addresses asso-
ciated with those names.
IPv4 uses a 32-bit number represented as four
octets separated by periods, called dotted-
decimal. IPv6 uses 128-bit numbers represented
in eight groups of four hexadecimal characters
each, separated by colons. Both IPv4 and IPv6
use a mask to identify how many bits going from
left to right are being used to identify the net-
work. Bits not used to identify the network are
used to identify hosts on that specific network.
A default gateway is required to send a packet
out of a local network.
IPV4 ADDRESS CLASS AND RANGE
Class High-Order Bits First Octet Range
A 0 1–126
B 10 128–191
C 110 192–223
D 1110 224–239
E 11110 240–255
IPV4 ADDRESS CLASS AND DEFAULT MASKS
Class Default Mask
A 255.0.0.0
B 255.255.0.0
C 255.255.255.0
IPV4 PRIVATE IP ADDRESS RANGES
Class Range
A 10.0.0.0 to 10.255.255.255
B 172.16.0.0 to 172.31.255.255
C 192.168.0.0 to 192.168.255.255
Subnetting allows you to create additional sub-
nets. Variable-length subnet masking (VLSM)
allows you to use different mask lengths so as
to not waste IP addresses.
To create IP subnets, you take (starting on the
left) what used to be host IP bits and allocate
them for subnetwork addressing. The number
of bits that you allocate above and beyond
the default control how many subnets you can
create. The formula is two to the power of the
number of bits that you take. For example, if we
start with a 10.0.0.0/8 network and we use 3
additional bits to make it 10.0.0.0/11, we could
create 23 = 8 new subnets. Because the least
significant bit of the new mask falls on the 32
value, that would be R block size for the new
subnets, which would be 10.0, 10.32, 10.64,
10.96, and so on.
The number of host that can be created use the
formula 2Host bits – 2. If we have a network of
10.0.0.0/28, that leaves four host bits, so we
would have a possibility of 24 – 2 = 14 hosts on
any network that had a /28 mask.
Subnetting is a process of moving the mask to
the right.
IPv6 uses several types of addresses, including
global unicast (which ranges from 2000 through
3FFF), link local unicast addresses (which begin
with FE80) and multicast addresses (which begin
with FF). Transition strategies include tunnel-
ing, dual stacking, and protocol translation. An
anycast address is similar to unicast except that
anycast packets will go to the one host that is
closest as determined by the routing protocol
metric. IPv6 never broadcasts; it multicasts
instead.
IPv6 address compression:
Given the address 2010:0000:BBBB:000C
:D000:0000:0000:0001, the following address
representations are possible:
Drop leading 0s:
2010:0:BBBB:C:D000:0:0:1
Compress contiguous all-0 groups with :: once
per address.
2010:0:BBBB:C:D000::1
Valid hex characters in an IPv6 address are 0–F.
IPv6 can use an EUI-64 method to create the
host ID, starting with information from the MAC
address being used by the interface.
The command ipv6 unicast-routing is off by
default, and must be enabled for a router to for-
ward the IPv6 packets of network devices.
IPv6 uses Neighbor Discovery Protocol (NDP) to
determine Layer 2 addresses (replaces Address
Resolution Protocol [ARP]). Autoconfiguration
allows you to obtain, via plug-and-play, an IP
address without using a DHCP server.
The IP stacks for IPv4 and IPv6 are completely
separate from each other, as are the routing
protocols for each of the stacks.
IPv6 OSPFv3 doesn’t use network statements. It
uses interface commands to enable each inter-
face for OSPF. Static IPv6 routes can be created
using the command ipv6 route.
Working with Cisco Equipment
The console port on a router or switch can
be used to initially configure the device.
Ethernet ports are high-speed interfaces used
to forward traffic, and can also be used to
allow management traffic such as Secure Shell
The CCNA Cram Sheet
This Cram Sheet contains key facts about the ICND1 exam. Review this information as the last
thing you do before you enter the testing center, paying special attention to those areas in which
you think that you need the most review. You can transfer any of these facts from your head
onto a blank sheet of paper immediately before you begin the exam.
Networking Fundamentals
Physical components for a network include hosts, connections, switches, and routers. Physical
topology describes the layout of the physical components. A logical topology communicates
how the data flows through the network.
A local-area network (LAN) is a geographically close in proximity, high-speed network. A wide-
area network (WAN) is a network that is using third-party services (such as an service provider)
to connect devices over large geographic areas. A WAN is a collection of LANs connected over a
long distance (farther than the LAN could provide).
WAN technologies include dedicated leased lines, which are a dedicated point-to-point connec-
tion that can use Point-to-Point Protocol (PPP) or High-Level Data Link Control (HDLC). Packet-
switched connections share the bandwidth with other logical circuits, such as with Frame Relay.
High-speed LANs typically use Ethernet in full duplex, using switches that operate at Layer 2.
Routers operate logically at Layer 3.
Network Models
..............................................
TCP AND UDP
Know the following protocols and port numbers:
TCP UDP
FTP 20, 21 DNS 53
Telnet 23 DHCP 67, 68
SMTP 25 TFTP 69
DNS 53 NTP 123
HTTP 80 SNMP 161
POP 110
NNTP 119
HTTPS 443
OSI MODEL
Layer Name Protocols and Devices PDU Name
7 Application FTP, Telnet, TFTP, SMTP, SNMP, DNS, HTTP Data
6 Presentation ASCII, .jpg, .doc Data
5 Session Establishment and teardown of logical sessions Data
4 Transport TCP: Connection oriented, reliable Segment
UDP: Connectionless, unreliable, uses upper layer protocols
3 Network IP, routing and path determination, logical addressing Packet
Routers
2 Data Link Ethernet, Frame Relay, PPP, HDLC, MAC addresses Frame
Switches
1 Physical Bits transmitted on media Bits
Hubs, repeaters
(SSH) over IP to the device being managed.
Serial ports are slower connections (compared
to Ethernet) that can be used for WAN
connections.
Flash is a storage location that keeps the
IOS image. NVRAM is a storage location that
holds the startup configuration. RAM holds the
current running configuration. The initial startup
file in NVRAM is called startup config. The
configuration that is running in RAM is called
running config.
1. POST (power-on self-test): Device finds hardware
and performs hardware-checking routines.
2. Locate IOS.
3. Load IOS.
4. Locate configuration (startup config).
5. Load configuration (running config).
The configuration register is a four-character
hexadecimal value that can be changed to
manipulate how the router behaves at boot. The
default value is 0x2102.
The characters 0x indicate that the characters
that follow are in hexadecimal. This makes it
clear whether the value is “two thousand one
hundred and two” or, as in this case, “two one
zero two hexadecimal.”
The fourth character in the configuration register
is known as the boot field. Changing the value
for this character will have the following effects:
• 0x2100=Alwaysbootto ROMmon.
• 0x2102through0x210F=Load thefirstvalidIOSin
flash.
The command-line interface has two primary
modes: user mode and privileged mode.
When in privileged mode, we can then enter
configuration mode, as well as submodes, for
configuration.
Context-sensitive help can be invoked by using
the question mark (?).
The running configuration is stored in RAM as
running config, and the startup configuration is
saved in NVRAM as startup config.
Commonly used commands include show
version, show interface, show ip interface
brief, and show running-config.
Cisco Discovery Protocol (CDP) is a proprietary
(Cisco only) data-link (Layer 2) protocol. It is
enabled by default, but can be disabled globally
via the no cdp run command. To learn remote
device Layer 3 address, hardware platform, and
IOS version, use show cdp neighbor or show
cdp entry command.
Securing Your Cisco Devices
You can use Telnet/SSH to remotely manage
a Cisco device after it has IP addresses
configured on it and interfaces enabled.
Using the command login on the vty lines
requires the user to provide a password
when connecting via Telnet. That password is
configured on the vty lines.
To configure a password on all five Telnet lines,
you use configuration commands similar to the
following:
Router(config)#line vty 0 4
Router(config-line)#password cisco
Router(config-line)#login
Configuring SSH
To configure SSH on your router or switch, you
need the following elements:
• Ahostname
• Adomainname
• AnRSAkey
• Ausernameandpasswordfor localauthentication
Sample SSH Configuration
Switch>enable
Switch#config t
Switch(config)#hostname Branch_2960
Branch_2960(config)#ip domain-name
ExamCram.net
Branch_2960(config)#crypto key
generate rsa
Branch_2960(config)#username admin
password ciscocisco
Branch_2960(config)#line vty 0 4
Branch_2960(config-line)#login
Branch_2960(config-line)#login local
Branch_2960(config-line)#transport
input ssh
Branch_2960(config-line)#exit
In global configuration mode, you can use the
command ip ssh version 2. Multiple versions
of SSH are available, with Version 2 being
more secure than Version 1. The command
show ip ssh verifies that SSH is configured.
The command show ssh shows current SSH
connections to the router or switch.
You can the use of a username and password
for access via Telnet or SSH by using the
command login local on the vty line. The
username required must be configured on the
router as well as in global configuration mode
when using login local.
You may use an access control list (ACL) and
apply it to the vty lines to control which source
addresses can connect. In addition, you can
set timeouts for inactive sessions on the vty
lines.
A remote AAA server may be used to control
the authentication, instead of using a local
username configured on the router.
Banner messages with legal warnings may
also be set up on the router, via the banner
command.
Port security is a feature used on Layer
2 switch interfaces to control the number
of MAC addresses associated with that
interface. When enabled, this feature allows
a maximum of one MAC address to be
associated with this interface. A violation of
this policy results in a shutdown of the port
by default. To verify port security details, use
the command show port-security.
Switch Operations and Configuration
The most common physical media used for
Ethernet networks is twisted pair. Fiber-optic
cabling allows for transmission at higher
data rates over longer distances.
Ethernet physical addressing = MAC
addresses. 12 hexadecimal digits.
PC to switch/hub = Straight-through cable.
Hub-hub, switch-switch, PC-PC, router-
router, PC-router directly (no switch/hub):
Use crossover cable.
Switches, bridges, and routers segment
a network. Hubs and repeaters extend a
network.
Switches increase the number of collision
domains. Do not segment broadcast
domains. Routers, Layer 3 switches, and
VLANs segment broadcast domains.
A switch is a multiport bridge. Switches
forward frames using hardware application-
specific integrated circuits (ASIC), making
them faster than bridges. Dedicated
bandwidth per port.
Bridges and switches learn MACs by reading
the source MAC of each frame.
Half duplex: Shared collision domain and
lower throughput.
Full duplex: Point-to-point and higher
throughput. Allows both ends to transmit
simultaneously.
To remotely manage a switch, you need
an IP address, subnet mask, and default
gateway. The switch must be reachable on a
port in its management VLAN.
VLANs logically divide a switch into multiple,
independent networks at Layer 2.
Create separate broadcast domains in a
switch, increasing the number of broadcast
domains.
Span multiple switches using trunks.
Allow logical grouping of users by function.
VLAN configuration steps:
1. The VLAN must be created.
2. The desired ports must be added to the new
VLAN.
Routing between VLANs requires a router or
a Layer 3 switch.
Trunks carry traffic from multiple VLANs over
a single connection (crossover cable). The
VLAN ID is tagged using IEEE 802.1Q.
Spanning Tree Protocol (STP) provides a
loop-free topology. STP does the following:
• Electsarootbridge(lowest bridgeID)
• Electsarootportfor eachnonrootbridge/switch
(best cost, then lowest bridge ID)
• Electsadesignatedportfor eachsegment
• Blocksports(onnonrootswitches) toprevent
Layer 2 loops
STP cost for 100M is 19; the cost for 1G is 4.
STP port roles are as follows:
• Rootport:Portforwardingtoward theroot
bridge.
• Designatedport/forwarding:Portforwarding
away from the root bridge. (All ports on the root
are designated.)
• Nondesignated/discardingport:Blocking/
discarding frames of data.
STP types are as follows:
• 802.1D:TraditionalSTP
• PVST+:Cisco’senhancementstoSTP, allowing
separate STP for each VLAN
• 802.1w:RapidSpanningTree,converges faster
andusesfeaturesfromCisco’senhancements
• RapidPVST+:RapidSpanning Tree,withsup-
port for separate STP for each VLAN
The bridge ID is combination of priority, the
extended system ID (VLAN number), and the
base MAC address of the switch.
Priority can be changed to a lower value to
cause a switch to become the root.
PortFast can reduce the time for a port to
move to a forwarding state.
BPDU Guard can protect a port from seeing
bridge protocol data units (BPDUs), by shut-
ting down the port if BPDUs are seen.
